Udemy
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Development
Web Development Data Science Mobile Development Programming Languages Game Development Database Design & Development Software Testing Software Engineering Development Tools No-Code Development
Business
Entrepreneurship Communications Management Sales Business Strategy Operations Project Management Business Law Business Analytics & Intelligence Human Resources Industry E-Commerce Media Real Estate Other Business
Finance & Accounting
Accounting & Bookkeeping Compliance Cryptocurrency & Blockchain Economics Finance Finance Cert & Exam Prep Financial Modeling & Analysis Investing & Trading Money Management Tools Taxes Other Finance & Accounting
IT & Software
IT Certification Network & Security Hardware Operating Systems Other IT & Software
Office Productivity
Microsoft Apple Google SAP Oracle Other Office Productivity
Personal Development
Personal Transformation Personal Productivity Leadership Career Development Parenting & Relationships Happiness Esoteric Practices Religion & Spirituality Personal Brand Building Creativity Influence Self Esteem & Confidence Stress Management Memory & Study Skills Motivation Other Personal Development
Design
Web Design Graphic Design & Illustration Design Tools User Experience Design Game Design Design Thinking 3D & Animation Fashion Design Architectural Design Interior Design Other Design
Marketing
Digital Marketing Search Engine Optimization Social Media Marketing Branding Marketing Fundamentals Marketing Analytics & Automation Public Relations Advertising Video & Mobile Marketing Content Marketing Growth Hacking Affiliate Marketing Product Marketing Other Marketing
Lifestyle
Arts & Crafts Beauty & Makeup Esoteric Practices Food & Beverage Gaming Home Improvement Pet Care & Training Travel Other Lifestyle
Photography & Video
Digital Photography Photography Portrait Photography Photography Tools Commercial Photography Video Design Other Photography & Video
Health & Fitness
Fitness General Health Sports Nutrition Yoga Mental Health Dieting Self Defense Safety & First Aid Dance Meditation Other Health & Fitness
Music
Instruments Music Production Music Fundamentals Vocal Music Techniques Music Software Other Music
Teaching & Academics
Engineering Humanities Math Science Online Education Social Science Language Teacher Training Test Prep Other Teaching & Academics
AWS Certification Microsoft Certification AWS Certified Solutions Architect - Associate AWS Certified Cloud Practitioner CompTIA A+ Cisco CCNA Amazon AWS CompTIA Security+ Microsoft AZ-900
Graphic Design Photoshop Adobe Illustrator Drawing Digital Painting InDesign Character Design Canva Figure Drawing
Life Coach Training Neuro-Linguistic Programming Personal Development Mindfulness Personal Transformation Life Purpose Meditation CBT Emotional Intelligence
Web Development JavaScript React CSS Angular PHP Node.Js WordPress Vue JS
Google Flutter Android Development iOS Development React Native Swift Dart Programming Language Mobile Development Kotlin SwiftUI
Digital Marketing Google Ads (Adwords) Social Media Marketing Google Ads (AdWords) Certification Marketing Strategy Internet Marketing YouTube Marketing Email Marketing Retargeting
Microsoft Power BI SQL Tableau Business Analysis Data Modeling Business Intelligence MySQL Data Analysis Blockchain
Business Fundamentals Entrepreneurship Fundamentals Business Strategy Business Plan Startup Online Business Freelancing Blogging Home Business
Unity Game Development Fundamentals Unreal Engine C# 3D Game Development C++ 2D Game Development Unreal Engine Blueprints Blender
30-Day Money-Back Guarantee
IT & Software Network & Security Exploit Development

Ethical Hacking & Bug Hunting: Buffer Overflow For Beginners

Learn how to exploit Buffer Overflows on Windows systems. Get a shell! (Reverse engineering and Exploit development).
Rating: 4.5 out of 54.5 (199 ratings)
1,213 students
Created by Eslam Medhat (Ethical Hacking, Bug Bounty and Penetration Testing)
Last updated 7/2019
English
English [Auto]
30-Day Money-Back Guarantee

What you'll learn

  • Fuzzing applications.
  • Using a debugger to examine the crash.
  • Identifying error conditions using debugging.
  • Targeting the EIP register.
  • Identifying bad characters.
  • Locating the vulnerable module.
  • Exploit Development.
  • Creating final exploit code.
  • Gain Remote Code Execution on Windows.
Curated for the Udemy for Business collection

Requirements

  • Basic knowledge of Linux
  • Basic knowledge of Python
  • Immunity Debugger
  • Metasploit Framework
  • A Windows machine (real or virtual), to exploit
  • A Linux machine (real or virtual), as the attacker.

Description

The primary goal of this course is to provide you with practical exposure to the world of bug hunting. After taking this course, you will have a better understanding of the approaches (reverse engineering, exploit development) that bug hunters use to find security vulnerabilities. You will learn how to exploit Buffer Overflows on Windows systems. This is an initial course and begins from the very basics of exploitation and is beginner-friendly.

The difficulty is that most IT professionals do not have the general software development background required to begin the subject of buffer overflow. This course cuts down the technical subjects of computer memory management, controlling code, and data inside of a working program, and exploiting poor quality software into terms that IT people with no software development knowledge can understand.


A buffer overflow is a popular software coding error that an intruder could use to take control over your system. To efficiently decrease buffer overflow vulnerabilities, it is necessary to understand what buffer overflows are, what threats they act to your applications, and what methods attackers use to successfully exploit these vulnerabilities.


In this course, you will learn how to use different tools such as Immunity Debugger, Mona library for Immunity Debugger, Metasploit, msfvenom, Spike, File Fuzz and much more. This course is intended to be practical.


In this course, we will answer the following questions:

What is Buffer Overflow?

How do buffer overflow attacks work?

How to find buffer overflow vulnerabilities?

How to write a buffer overflow exploit?


Syllabus:

  • Reverse engineering.

  • Fuzzing applications.

  • Using a debugger to examine the crash.

  • Identifying error conditions using debugging.

  • Targeting the EIP register.

  • Identifying bad characters.

  • Locating the vulnerable module.

  • Creating final exploit code.

  • Exploit development.

  • Gain Remote Code Execution on Windows.


With this course you'll get 24/7 support, so if you have any questions you can post them in the Q&A section and we'll respond to you within 10 hours.


NOTE: This course is created for educational purposes only.


Who this course is for:

  • Security researchers
  • Security consultants
  • Programmers
  • Penetration testers
  • Anyone else who wants to dive into the exciting world of bug hunting.
  • ِِِِAnyone who wants to understand how exploits work.
  • Anyone interested in Reverse Engineering and Exploit Development
  • People preparing for OSCP, OSCE etc.

Course content

3 sections • 16 lectures • 1h 25m total length

  • What is a Buffer?
    00:31
  • What is a Buffer Overflow?
    00:08
  • Preview02:54

  • Preview05:24
  • Install Kali Linux
    07:05
  • Download Vulnserver
    01:50
  • Warning!
    00:07
  • Preview05:42
  • Install Immunity Debugger
    01:44

  • Buffer Overflow Exploit Development: Spiking
    11:59
  • Buffer Overflow Exploit Development: Fuzzing
    08:34
  • Buffer Overflow Exploit Development: Identify the position of EIP
    08:49
  • Buffer Overflow Exploit Development: Overwriting the EIP
    05:03
  • Buffer Overflow Exploit Development: Checking/Finding bad characters
    06:15
  • Buffer Overflow Exploit Development: Finding the right module
    11:57
  • Generating shellcode
    07:06

Instructor

Eslam Medhat (Ethical Hacking, Bug Bounty and Penetration Testing)
Hacking, Ethical Hacking, Bug Bounty and Penetration Testing
Eslam Medhat (Ethical Hacking, Bug Bounty and Penetration Testing)
  • 4.1 Instructor Rating
  • 1,165 Reviews
  • 11,776 Students
  • 4 Courses

is a professional pen-tester and ethical hacker with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors (such as Microsoft, Yahoo, Sony, AVG, Bitdefender, Facebook and many more) and was successfully acknowledged by them.


Certifications: 

- OSCP

- CEH (Certified Ethical Hacker)

- GPEN

- GWAPT

- CCNA and CCNA Security

- MCITP

- Advanced Linux&InfoSEC


Technical Skills:

Security: Application and network penetration testing, source code review, Incident Response, protocol analysis, fuzzing, reverse engineering, antiDDoS, IDS.

Languages: PHP, JavaScript, Java SE, C++, C#, Python, Visual Basic, SQL,CMD, Bash scripts, Assembly.

Tools/Frameworks: Burp Suite, OWASP ZAP, Fiddler, OWASP Mantra, Acunetix, Netsparker, W3AF, Nikto, SqlMap, Sql Ninja, Xenotix XSS Exploit Framework, Metasploit framework, Vmware, VirtualBox, Wireshark, Tcpdump,Dominator, Fuzzers, DirBuster, joomscan, sslstrip, Ettercap, Arachni, Nessus, ollydbg, Armitage, John the Ripper, etc..

Operating Systems: Expert knowledge of windows & Unix operating systems.

Website CMS: Wordpress, Joomla, Magento, etc..


  • Udemy for Business
  • Teach on Udemy
  • Get the app
  • About us
  • Contact us
  • Careers
  • Blog
  • Help and Support
  • Affiliate
  • Impressum Kontakt
  • Terms
  • Privacy policy
  • Cookie settings
  • Sitemap
  • Featured courses
Udemy
© 2021 Udemy, Inc.